luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/ui/app/models/database/role.js
Chelsea Shaw 889d82aca5
UI/Database Secrets Engine cleanup (#10949) 
* Update role toolbar, serialization for special mongo values

* Only show defaultShown if no value on info table row

* Remove root_rotation_statements from mongo connection fields

* Wrap this.router in try/catch if in then statement

* Add changelog
2021-02-19 14:04:51 -06:00

122 lines
4 KiB
JavaScript
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

import Model, { attr } from '@ember-data/model';
import { computed } from '@ember/object';
import { alias } from '@ember/object/computed';
import lazyCapabilities, { apiPath } from 'vault/macros/lazy-capabilities';
import { expandAttributeMeta } from 'vault/utils/field-to-attrs';
export default Model.extend({
idPrefix: 'role/',
backend: attr('string', { readOnly: true }),
name: attr('string', {
label: 'Role name',
}),
database: attr('array', {
label: '',
editType: 'searchSelect',
fallbackComponent: 'string-list',
models: ['database/connection'],
selectLimit: 1,
onlyAllowExisting: true,
subLabel: 'Database name',
subText: 'The database for which credentials will be generated.',
}),
type: attr('string', {
label: 'Type of role',
possibleValues: ['static', 'dynamic'],
}),
ttl: attr({
editType: 'ttl',
defaultValue: '1h',
label: 'Generated credentialss Time-to-Live (TTL)',
subText: 'Vault will use the engine default of 1 hour',
defaultShown: 'Engine default',
}),
max_ttl: attr({
editType: 'ttl',
defaultValue: '24h',
label: 'Generated credentialss maximum Time-to-Live (Max TTL)',
subText: 'Vault will use the engine default of 24 hours',
defaultShown: 'Engine default',
}),
username: attr('string', {
subText: 'The database username that this Vault role corresponds to.',
}),
rotation_period: attr({
editType: 'ttl',
defaultValue: '5s',
subText:
'Specifies the amount of time Vault should wait before rotating the password. The minimum is 5 seconds.',
}),
creation_statements: attr('array', {
editType: 'stringArray',
defaultShown: 'Default',
}),
revocation_statements: attr('array', {
editType: 'stringArray',
defaultShown: 'Default',
}),
rotation_statements: attr('array', {
editType: 'stringArray',
defaultShown: 'Default',
}),
creation_statement: attr('string', {
editType: 'json',
theme: 'hashi short',
defaultShown: 'Default',
}),
revocation_statement: attr('string', {
editType: 'json',
theme: 'hashi short',
defaultShown: 'Default',
}),
/* FIELD ATTRIBUTES */
get fieldAttrs() {
// Main fields on edit/create form
let fields = ['name', 'database', 'type'];
return expandAttributeMeta(this, fields);
},
get showFields() {
let fields = ['name', 'database', 'type'];
if (this.type === 'dynamic') {
fields = fields.concat(['ttl', 'max_ttl', 'creation_statements', 'revocation_statements']);
} else {
fields = fields.concat(['username', 'rotation_period']);
}
return expandAttributeMeta(this, fields);
},
roleSettingAttrs: computed(function() {
// logic for which get displayed is on DatabaseRoleSettingForm
let allRoleSettingFields = [
'ttl',
'max_ttl',
'username',
'rotation_period',
'creation_statements',
'creation_statement', // only for MongoDB (styling difference)
'revocation_statements',
'revocation_statement', // only for MongoDB (styling difference)
'rotation_statements',
];
return expandAttributeMeta(this, allRoleSettingFields);
}),
/* CAPABILITIES */
// only used for secretPath
path: attr('string', { readOnly: true }),
secretPath: lazyCapabilities(apiPath`${'backend'}/${'path'}/${'id'}`, 'backend', 'path', 'id'),
canEditRole: alias('secretPath.canUpdate'),
canDelete: alias('secretPath.canDelete'),
dynamicPath: lazyCapabilities(apiPath`${'backend'}/roles/+`, 'backend'),
canCreateDynamic: alias('dynamicPath.canCreate'),
staticPath: lazyCapabilities(apiPath`${'backend'}/static-roles/+`, 'backend'),
canCreateStatic: alias('staticPath.canCreate'),
credentialPath: lazyCapabilities(apiPath`${'backend'}/creds/${'id'}`, 'backend', 'id'),
canGenerateCredentials: alias('credentialPath.canRead'),
databasePath: lazyCapabilities(apiPath`${'backend'}/config/${'database[0]'}`, 'backend', 'database'),
canUpdateDb: alias('databasePath.canUpdate'),
});
Reference in a new issue View git blame Copy permalink